Jun 16 2023 08:49 PM
How do I send carbon black logs to sentinel without S3 bucket
Sep 15 2023 07:26 PM
@philipbrinkSA you could go down the road of building a logstash forwarder with the carbon black plugin
See documentation below
VMware Carbon Black EDR | Documentation (elastic.co)
Use Logstash to stream logs with pipeline transformations via DCR-based API | Microsoft Learn
